1a207340beb5d13c05ffb17417b32628

Sharing

Copy URL Twitter E-mail

General

Target

1a207340beb5d13c05ffb17417b32628
Size

316KB
MD5

1a207340beb5d13c05ffb17417b32628
SHA1

610aca147027f28d149bf1e8f8a1cf85d198fcb2
SHA256

7b8babee4b53c3cd765f47b52372828ee9d43800304d9ec2fa04fcf2407f6645
SHA512

f937eca3eaecda6c7d1704321e795fe8e3ddada223ec9cc5c66e45d61e26ebe6328be752e2c7338bc09484cf4d5242874e91429f034c66a6ec6da75dfdc0e8d5
SSDEEP

6144:DWIqzgZSNSICzis8dieevTKol4t3ESBU5VRJHivXTKOfk5:DWIqzTN5CziDdtk46tw/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a207340beb5d13c05ffb17417b32628

Files

1a207340beb5d13c05ffb17417b32628
.exe windows:4 windows x86 arch:x86

a1b5a8e21d05a7388bf63c5905686ea1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
FreeEnvironmentStringsA
GetTimeZoneInformation
SetFilePointer
InitializeCriticalSection
GetLocalTime
GetProfileStringA
FreeEnvironmentStringsW
ReadFile
InterlockedExchange
GetVersion
GetCurrentThread
GetVersionExW
LoadLibraryA
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalFree
GetAtomNameA
GetSystemTimeAsFileTime
VirtualFree
HeapReAlloc
FileTimeToSystemTime
SetThreadContext
GetModuleHandleA
GetSystemTime
GetTempPathA
IsBadWritePtr
RtlUnwind
HeapAlloc
GetCurrentProcess
CloseHandle
GetProcAddress
CreateFileW
WriteFile
CreateDirectoryW
SetEnvironmentVariableA
TryEnterCriticalSection
GetStdHandle
MultiByteToWideChar
GetLastError
LCMapStringA
SetStdHandle
HeapCreate
GetStringTypeW
CreateSemaphoreW
TlsFree
GetCalendarInfoW
GetPrivateProfileStringW
UnhandledExceptionFilter
VirtualQuery
TlsGetValue
ExitProcess
GetTickCount
GetEnvironmentStrings
InterlockedDecrement
TlsSetValue
LeaveCriticalSection
EnumDateFormatsW
QueryPerformanceCounter
WideCharToMultiByte
SetLocaleInfoW
GetACP
GetFileType
HeapDestroy
SetLastError
GetStartupInfoA
VirtualAlloc
GlobalFlags
InterlockedExchangeAdd
EnumResourceNamesA
GetEnvironmentStringsW
ReadConsoleInputW
GetCurrentProcessId
OpenMutexA
FreeResource
TerminateProcess
ResumeThread
SetHandleCount
TlsAlloc
GetConsoleOutputCP
GetConsoleMode
InterlockedIncrement
GetCurrentDirectoryA
GetCommandLineA
GetCPInfo
EnumCalendarInfoExA
GetCurrentThreadId
CreateWaitableTimerW
FindResourceExA
GetStringTypeA
CompareStringA
GetSystemDirectoryA
GlobalSize
InterlockedCompareExchange
DeleteCriticalSection
CreateMutexA
GetOEMCP
CommConfigDialogA
GetModuleFileNameA
FlushFileBuffers
HeapFree
ResetEvent
WriteConsoleOutputAttribute
SetThreadAffinityMask
GetStartupInfoW
LCMapStringW

wininet

DeleteUrlCacheContainerW
InternetGetConnectedState
InternetDialW
InternetSetFilePointer
FindNextUrlCacheContainerW

user32

SendNotifyMessageW
SetMenuInfo
ShowWindow
CreateDialogParamW
ReplyMessage
MoveWindow
RegisterWindowMessageA
DdeReconnect
OemToCharW
DdeCreateDataHandle
RealGetWindowClass
RegisterClassA
EndPaint
CreateWindowExA
WinHelpW
CharToOemA
GetClassInfoExW
DefWindowProcW
MessageBoxIndirectW
UnregisterHotKey
MessageBoxA
PaintDesktop
GetSysColor
GetMessageTime
DestroyWindow
GetNextDlgTabItem
GetKeyboardLayoutNameW
DragDetect
FindWindowExA
AttachThreadInput
DefDlgProcW
SetMessageQueue
InflateRect
DeleteMenu
CharPrevW
CreateDesktopW
RegisterClassExA

comctl32

MakeDragList
ImageList_Write
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_Draw
ImageList_SetFilter
_TrackMouseEvent
CreateMappedBitmap
ImageList_GetFlags
GetEffectiveClientRect
CreateStatusWindow

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1b5a8e21d05a7388bf63c5905686ea1

Headers

File Characteristics

Imports

kernel32

wininet

user32

comctl32

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 92KB - Virtual size: 109KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 92KB - Virtual size: 109KB

.rsrc
Size: 12KB - Virtual size: 11KB